12

I did following things to passport authentication in Node.

1) I am using jwtFromRequest : ExtractJwt.fromAuthHeaderAsBearerToken(),

module.exports = function(passport){
    var opts = {};
    opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
    opts.secretOrKey = config.secret;
    console.log('Inside passport');
    //opts.issuer = 'accounts.examplesoft.com';
    //opts.audience = 'yoursite.net';
    passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
        console.log('Payload :: '+jwt_payload._doc);
        User.getUserById({id: jwt_payload._doc._id}, function(err, User) {
            if (err) {
                return done(err, false);
            }
            if (User) {
                return done(null, User);
            } else {
                return done(null, false);
                // or you could create a new account
            }
        });
    }));

2) Calling the method in the following way:

userExpressRoutes.route('/profile')
    .get(passport.authenticate('jwt', { session: false }), function (req, res) {  });

3) Setting the header in Ppostman like : Authorization:Bearer {token}

Post Authentication Header

4) It is giving undefined payload

Payload :: undefined
TypeError: Cannot read property '_id' of undefined

What is missing here to get Jwt_payload?

Can someone help me?

ikos23
  • 4,879
  • 10
  • 41
  • 60
Sanket Lathiya
  • 189
  • 1
  • 1
  • 11
  • User.getUserById({$**_id**: jwt_payload._doc._id}, function(err, User) { is it _id or id – Sanjay May 13 '18 at 15:31
  • @SanjaySinghBhandari I tried both id and _id , but it's not working – Sanket Lathiya May 13 '18 at 15:35
  • If you do `console.log('jwt_payload =', jwt_payload);`, what do you get? Maybe it should be `doc` instead of `_doc`, for example. – David Knipe May 13 '18 at 16:35
  • @DavidKnipe HI David, I am getting jwt_payload =undefined in console.That is the issue. I am getting undefined payload. – Sanket Lathiya May 13 '18 at 19:04
  • @SanketLathiya No you're not, you're getting `jwt_payload._doc = undefined`. If `jwt_payload` was undefined the error message would be "Cannot read property '_doc' of undefined". – David Knipe May 13 '18 at 20:57
  • HI All , I resolved by below code . Thanks for help. – Sanket Lathiya May 16 '18 at 16:17
  • module.exports = function(passport){ let opts = {}; opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken(); opts.secretOrKey = config.secret; passport.use(new JwtStrategy(opts, (jwt_payload, done) => { User.findById(jwt_payload.data._id, (err, User) => { if(err){ return done(err, false); } if(User){ return done(null, User); } else { return done(null, false); } }); })); } – Sanket Lathiya May 16 '18 at 16:18

3 Answers3

15

Some working Combinations

For - fromHeader

ExtractJwt.fromHeader('authorization'),

Authorization : eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg

For - fromHeader

ExtractJwt.fromHeader('HelloTom'),

HelloTom : eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg

For - fromAuthHeaderAsBearerToken

ExtractJwt.fromAuthHeaderAsBearerToken(),

Authorization : bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg

For - fromAuthHeaderWithScheme

ExtractJwt.fromAuthHeaderWithScheme('JWT'),

Authorization : JWT eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg

For - fromAuthHeaderWithScheme

ExtractJwt.fromAuthHeaderWithScheme('HelloJerry'),

Authorization : HelloJerry eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg
vijay
  • 10,276
  • 11
  • 64
  • 79
3

I resolved this issue by below code snippet. Thanks everyone for support...

const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const User = require('../models/User');
const config = require('../config/DB');

module.exports = function(passport){
  let opts = {};
  opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
  opts.secretOrKey = config.secret;
  passport.use(new JwtStrategy(opts, (jwt_payload, done) => {
    User.findById(jwt_payload.data._id, (err, User) => {
      if(err){
        return done(err, false);
      }

      if(User){
        return done(null, User);
      } else {
        return done(null, false);
      }
    });
  }));
}

Then In request headers pass token like this

Authorization:bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE4NjQxLCJleHAiOjE1ODA3Mjg3MjF9.T8n1YWRSHfr_1caZ51TbT4VdnBx2uXg1x2JOJC-TBL0
vijay
  • 10,276
  • 11
  • 64
  • 79
Sanket Lathiya
  • 189
  • 1
  • 1
  • 11
1

It worked for me:

I changed Authorization Header in request from: eyJhbGciOiJIUzI1NiIsI... (jwt token)

to Bearer eyJhbGciOiJIUzI1NiIsI...

yaya
  • 7,675
  • 1
  • 39
  • 38